Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/db2692-4b71-43cb-a389-96f040bbba0d/1/uwnWmCvFJ8T2UHA7ASuX6udw7zQ.roa
File: uwnWmCvFJ8T2UHA7ASuX6udw7zQ.roa (raw, json)
Hash identifier: HAN2U8ryrUr1raQSQ//Umy7K1TApGtFRzZC52twT2Xs=
Subject key identifier: BB:09:D6:98:2B:C5:27:C4:F6:50:70:3B:01:2B:97:EA:E7:70:EF:34
Certificate issuer: /CN=15628f9fdaab8b85494bc3388091a122b0bba5c8
Certificate serial: 019137B1CBAEABA501E6351C583563692109
Authority key identifier: 15:62:8F:9F:DA:AB:8B:85:49:4B:C3:38:80:91:A1:22:B0:BB:A5:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FWKPn9qri4VJS8M4gJGhIrC7pcg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/db2692-4b71-43cb-a389-96f040bbba0d/1/uwnWmCvFJ8T2UHA7ASuX6udw7zQ.roa
Signing time: Fri 09 Aug 2024 15:11:24 +0000
ROA not before: Fri 09 Aug 2024 15:11:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202964
IP address blocks: 37.208.89.0/24 maxlen: 24
37.208.90.0/24 maxlen: 24
37.208.91.0/24 maxlen: 24
37.208.92.0/24 maxlen: 24
37.208.93.0/24 maxlen: 24
37.208.94.0/24 maxlen: 24
37.208.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/db2692-4b71-43cb-a389-96f040bbba0d/1/FWKPn9qri4VJS8M4gJGhIrC7pcg.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/db2692-4b71-43cb-a389-96f040bbba0d/1/FWKPn9qri4VJS8M4gJGhIrC7pcg.mft
rsync://rpki.ripe.net/repository/DEFAULT/FWKPn9qri4VJS8M4gJGhIrC7pcg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:37:b1:cb:ae:ab:a5:01:e6:35:1c:58:35:63:69:21:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15628f9fdaab8b85494bc3388091a122b0bba5c8
Validity
Not Before: Aug 9 15:11:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb09d6982bc527c4f650703b012b97eae770ef34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:73:cb:a6:41:e2:b8:8f:5e:39:4f:b3:8c:a9:
67:63:76:e8:3c:ec:c3:c4:8a:80:d5:e9:f4:1c:75:
09:61:2d:00:ac:01:ba:56:43:7f:1e:64:33:56:b1:
ee:de:e5:32:73:b5:c2:f4:ed:2b:b6:41:22:36:a0:
d6:69:30:f9:cd:c1:9f:fa:ea:ea:82:d6:89:d0:e4:
b1:c9:bb:1d:2b:06:84:48:8c:8d:2d:bc:cf:e3:7f:
40:ab:b6:56:ea:d4:0b:1c:75:dc:f5:a9:ae:d4:b3:
a4:17:07:9a:33:aa:66:18:1f:20:1a:c8:06:6b:a2:
1b:05:d5:b7:46:a5:59:5a:82:44:95:f5:c3:d0:13:
45:39:68:48:4f:49:e3:cb:63:5a:55:e7:8e:c0:5d:
60:c1:1a:42:b6:1c:27:c8:9d:97:31:19:12:17:40:
b4:69:4d:2a:3d:12:28:d3:a5:a9:07:46:ba:2a:73:
7d:38:77:65:73:66:f4:bd:7a:1c:58:0d:7b:d0:52:
cf:f3:ba:d3:5f:46:5e:87:72:41:43:a3:80:d4:d8:
a3:0e:cb:24:08:c7:ab:cb:92:d1:43:03:2a:ec:35:
80:70:4a:d6:41:65:91:f9:75:9b:a0:a4:82:27:59:
b5:72:ae:46:b0:dd:8b:b4:25:df:8c:e2:58:36:0b:
5c:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:09:D6:98:2B:C5:27:C4:F6:50:70:3B:01:2B:97:EA:E7:70:EF:34
X509v3 Authority Key Identifier:
keyid:15:62:8F:9F:DA:AB:8B:85:49:4B:C3:38:80:91:A1:22:B0:BB:A5:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FWKPn9qri4VJS8M4gJGhIrC7pcg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/db2692-4b71-43cb-a389-96f040bbba0d/1/uwnWmCvFJ8T2UHA7ASuX6udw7zQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/db2692-4b71-43cb-a389-96f040bbba0d/1/FWKPn9qri4VJS8M4gJGhIrC7pcg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.208.89.0-37.208.95.255
Signature Algorithm: sha256WithRSAEncryption
51:91:03:21:0d:55:16:5d:bb:11:ec:fb:18:0c:6f:2f:7c:21:
06:20:f3:60:4b:f9:4d:34:28:a1:2c:88:c4:ff:cb:e7:e7:98:
45:b9:23:72:b9:89:8d:c4:21:3a:57:6c:ce:26:68:dc:03:cf:
a4:ca:40:93:b4:3e:be:ec:41:d7:23:52:2d:7b:f3:9c:6d:d9:
1b:27:3b:ca:7c:d3:d2:38:07:31:94:b6:55:3f:87:f7:b6:ad:
d9:43:f2:76:33:4c:c5:31:ff:d5:f6:4f:6f:aa:fa:b6:ad:87:
de:80:92:80:cd:83:90:8c:ce:98:73:72:da:f1:2b:67:5c:f4:
df:38:a3:66:41:8d:0c:75:c3:e0:7c:18:98:bc:17:89:43:54:
91:cf:ff:5d:5e:64:30:62:35:56:2f:d3:2f:b2:df:30:a5:5e:
cd:b1:1b:f7:7a:ed:f7:f8:8f:1f:a0:ff:e9:d1:41:cc:90:e1:
ad:38:da:4b:c4:93:ec:13:6c:8b:c9:95:b4:e4:4d:66:47:35:
7a:57:2e:b8:78:f6:16:8a:de:37:5d:54:d2:32:c2:f8:d6:b8:
6d:e0:29:d7:21:6d:f9:5f:4f:58:c5:3f:e7:a6:b4:ab:6d:e2:
86:82:f9:a3:4b:cb:30:76:36:27:47:4e:62:24:5a:2d:6f:c0:
e6:f9:99:df
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZE3scuuq6UB5jUcWDVjaSEJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1NjI4ZjlmZGFhYjhiODU0OTRiYzMzODgwOTFhMTIyYjBi
YmE1YzgwHhcNMjQwODA5MTUxMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjA5ZDY5ODJiYzUyN2M0ZjY1MDcwM2IwMTJiOTdlYWU3NzBlZjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHPLpkHiuI9eOU+zjKlnY3boPOzD
xIqA1en0HHUJYS0ArAG6VkN/HmQzVrHu3uUyc7XC9O0rtkEiNqDWaTD5zcGf+urq
gtaJ0OSxybsdKwaESIyNLbzP439Aq7ZW6tQLHHXc9amu1LOkFweaM6pmGB8gGsgG
a6IbBdW3RqVZWoJElfXD0BNFOWhIT0njy2NaVeeOwF1gwRpCthwnyJ2XMRkSF0C0
aU0qPRIo06WpB0a6KnN9OHdlc2b0vXocWA170FLP87rTX0Zeh3JBQ6OA1NijDssk
CMery5LRQwMq7DWAcErWQWWR+XWboKSCJ1m1cq5GsN2LtCXfjOJYNgtcRQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLsJ1pgrxSfE9lBwOwErl+rncO80MB8GA1UdIwQY
MBaAFBVij5/aq4uFSUvDOICRoSKwu6XIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRldLUG45cXJpNFZKUzhNNGdKR2hJckM3cGNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9kYjI2OTItNGI3MS00M2NiLWEzODkt
OTZmMDQwYmJiYTBkLzEvdXduV21DdkZKOFQyVUhBN0FTdVg2dWR3N3pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9kYjI2OTItNGI3MS00M2NiLWEzODktOTZmMDQwYmJiYTBk
LzEvRldLUG45cXJpNFZKUzhNNGdKR2hJckM3cGNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAl0FkD
BAUl0EAwDQYJKoZIhvcNAQELBQADggEBAFGRAyENVRZduxHs+xgMby98IQYg82BL
+U00KKEsiMT/y+fnmEW5I3K5iY3EITpXbM4maNwDz6TKQJO0Pr7sQdcjUi1785xt
2RsnO8p809I4BzGUtlU/h/e2rdlD8nYzTMUx/9X2T2+q+rath96AkoDNg5CMzphz
ctrxK2dc9N84o2ZBjQx1w+B8GJi8F4lDVJHP/11eZDBiNVYv0y+y3zClXs2xG/d6
7ff4jx+g/+nRQcyQ4a042kvEk+wTbIvJlbTkTWZHNXpXLrh49haK3jddVNIywvjW
uG3gKdchbflfT1jFP+emtKtt4oaC+aNLyzB2NidHTmIkWi1vwOb5md8=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:11:35 2024 by rpki-client on console-fra.rpki-client.org